As I write, the three largest pools (F2Pool, AntPool and GHash.IO) controlled 50% of the mining power for the past 24 hours, so Eyal is right to say:

Gavin Andresen, chief scientist of the Bitcoin Foundation, has repeatedly urged miners to use smaller pools, and researchers, including ourselves, have suggested technical fixes to reduce pool size (here, and here). But alas, community pressure has only had limited success, and technical solutions are still under development and far from production.

Long term block withholding attacks are difficult to hide, since miners using an attacked pool would notice the reduced revenue density. Nevertheless, such attacks are rarely reported, and we can therefore conclude that they are indeed rare.

This attack affects the revenues of the pools in several ways. The victim pool’s effective mining rate is unchanged, but its total revenue is divided among more miners. The attacker’s mining power is reduced, since some of its miners are used for block withholding, but it earns additional revenue through its infiltration of the other pool. And finally, the total effective mining power in the system is reduced, causing the Bitcoin protocol to reduce the difficulty.
Taking all these factors into account, we observe that a pool might be able to increase its revenue by attacking other pools.

Since pools can decide to start or stop attacking at any point, this can be modeled as the miner’s dilemma — an instance of the iterative prisoner’s dilemma. Attacking is the dominant strategy in each iteration, but if the pools can agree not to attack, both benefit in the long run.

Our results imply that block withholding by pools leads to an unfavorable equilibrium. Nevertheless, due to the anonymity of miners, a single pool might be tempted to attack, leading the other pools to attack as well. The implications might be devastating for open pools: If their revenues are reduced, miners will prefer to form closed pools that cannot be attacked in this manner. Though this may be conceived as bad news for public mining pools, on the whole it may be good news to the Bitcoin system, which prefers small pools.
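The revenue effects and the dilemma described in the quoted passages above can be checked numerically. This is an added example, not code from Eyal's paper or from the original post: it uses a simple two-pool model built from the effects listed in the quote, and the formulas, the pool sizes of 20% each and the function names are assumptions of the example.

```python
# Added illustration; the model and all numbers are assumptions of this example.
# Total mining power is normalised to 1, so a revenue density of 1.0 is the
# fair share a miner earns when nobody withholds blocks.

def densities(m1, m2, x12, x21):
    """Revenue per unit of mining power for pool 1 and pool 2.

    m1, m2: pool sizes. x12: power pool 1 sends into pool 2 to withhold
    blocks. x21: the same in the other direction.
    """
    effective = 1.0 - x12 - x21        # withholding power finds no blocks
    direct1 = (m1 - x12) / effective   # block share once difficulty adjusts
    direct2 = (m2 - x21) / effective
    # Each pool splits its direct revenue plus its infiltration income among
    # its own miners and the infiltrators it hosts:
    #   r1 * (m1 + x21) = direct1 + x12 * r2   (and symmetrically for r2).
    # Solving the two linear equations gives:
    det = m1 * m2 + m1 * x12 + m2 * x21
    r1 = (m2 * direct1 + x12 * (direct1 + direct2)) / det
    r2 = (m1 * direct2 + x21 * (direct1 + direct2)) / det
    return r1, r2

def best_response(m_self, m_other, x_other, steps=2000):
    """Infiltration rate that maximises the attacker's own density (grid search)."""
    candidates = [m_self * i / steps for i in range(steps)]
    return max(candidates,
               key=lambda x: densities(m_self, m_other, x, x_other)[0])

def equilibrium(m1, m2, rounds=30):
    """Alternate best responses until the infiltration rates settle."""
    x12 = x21 = 0.0
    for _ in range(rounds):
        x12 = best_response(m1, m2, x21)
        x21 = best_response(m2, m1, x12)
    return x12, x21

if __name__ == "__main__":
    m1 = m2 = 0.2                                   # constructed pool sizes
    print("no attack:     ", densities(m1, m2, 0.0, 0.0))
    x = best_response(m1, m2, 0.0)
    print("pool 1 attacks:", x, densities(m1, m2, x, 0.0))
    x12, x21 = equilibrium(m1, m2)
    print("both attack:   ", (x12, x21), densities(m1, m2, x12, x21))
```

In this model a one-sided attack lifts the attacker slightly above the fair share at the victim's expense, while the mutual-attack equilibrium leaves both pools below it, which is the prisoner's-dilemma structure the quote describes.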

Open public pools are those whose miners are anonymous, and therefore untrusted. Pools whose miners are trusted are closed; they behave as a single miner. The assumption here is that only open public pools can grow large enough to threaten the network, which appears to be the case at present.

The block withholding attack provides an incentive for miners to join closed pools, which are assumed to be smaller. But it isn't a very powerful incentive. It depends on the breakdown of an agreement not to use an attack which has to be sustained over a significant period, which is "difficult to hide", and which does not seem likely to have a large impact on miners' income compared, for example, to market forces. Eyal points out that:

[Miners] have only little incentive to use very large pools; it's mostly convenience and a feeling of trust in large entities.

Nevertheless, these weak incentives have concentrated 50% of the mining power in only three pools. So there must be some doubt that the not-very-powerful incentive provided by the possibility of the breakdown of the agreement not to use the block withholding attack would overcome "convenience and a feeling of trust in large entities".

Note that of the three pools controlling 50% of the mining power, two (F2Pool and GHash.IO) are secretive. The third is AntPool, which as I understand it is based on p2pool, a P2P pool protocol. A goal of p2pool is to ensure that an attack by a pool using it can only be performed by modifying the code running at the pool's miners, not by code running at a pool manager. Thus an attack by a p2pool-based pool would be visible to the pool's miners, as a conventional pool's attack would not be. This mitigates the bad effects of a large public pool. But does it leave a p2pool unable to respond to a block withholding attack by attacking back? I need to study p2pool more, so apologies if I misrepresent it.

Neither the withholding attack nor p2pool mitigates the bad effects of a large closed pool, or a large single miner.

Although I'm skeptical of the practical impact of Eyal's analysis, it led me to think that my economies of scale argument needs to be refined. Eyal shows that the incentives for open and closed pools (or single miners) are different, and I think that is true for the effects of economies of scale too.

The costs of mining, and thus the benefits of economies of scale, apply to the individual miner (and thus to closed pools). There are thus powerful incentives causing the majority of mining power to be generated by large miners. But a pool bears none of the costs of actual mining, only the costs of running the pool. A miner increases scale by investing in hardware, which costs a lot. A public pool grows by attracting miners, which costs very little. Even though Eyal points out that miners have "little incentive to use very large pools", it is clear that large miners prefer very large pools. I need to think more about the forces that are operating to drive the domination by very large pools, but clearly the advantages to very large miners must be a major factor. Are they more sensitive to small changes in reward variance?